The Telecommunications Regulatory Authority voiced fears that the BlackBerry manages data in a way that could allow it to be misused. “As a result of how Blackberry data is managed and stored, in their current form, certain Blackberry applications allow people to misuse the service, causing serious social, judicial and national security repercussions,” the regulator said in a statement carried on the state news agency late Sunday.Continue reading ‘More BlackBerry Security Concerns in the United Arab Emirates’

RIM has put out an official document entitled “RIM Customer Statement Regarding Etisalat / SS8 Software”. The document confirms that Etisalat did not release what they called a “upgrade” and that the software was in fact harmful to your device. According to the document:

RIM confirms that this software is not a patch and it is not a RIM authorized upgrade. RIM did not
develop this software application and RIM was not involved in any way in the testing, promotion
or distribution of this software application.

RIM further confirms, in general terms, that a third party patch cannot provide any enhancements
to network services as there is no capability for third parties to develop or modify the low level
radio communications protocols that would be involved in making such improvements to the
communications between a BlackBerry smartphone and a carrier’s network.

In the document, RIM also warns about updates that are pushed via SMS or WAP. According to RIM, if there is ever a need to update software, RIM distributes using standard channels, such as OTA and direct downloads. ” RIM does not use SMS or WAP push as an official distribution channel for these types of official BlackBerry software updates.”

It’s too bad we can’t trust our carriers. You would think that they would be content with the hundreds of dollars we give them each year.

The spyware intercepts emails and drains battery life remarkably fast. According to Chris Eng at Veracode, “the server receiving the initial registration packets (i.e. “Here I am, software is installed!”) got overloaded. Devices kept trying to connect every five seconds to empty the outbound message queue, thereby causing a battery drain. Some people were reporting on official BlackBerry forums that their batteries were being depleted from full charge in as little as half an hour.”

We are living in an age where our smartphones are becoming our personal computers, and therefore the focus of those who want to exploit our personal data in any way they can. Dan Hoffman, CTO of SMobile Systems said it best, “The truth about smartphones is that they are used in the same manner as personal computers and are susceptible to the same threats. It has become clear that smartphone users need to proactively ensure their devices contain the necessary security software to protect not only their e-mail and messaging data, but also to protect their identity and the integrity of their mobile financial transactions.”

“The problem came up when they sent a new batch to enhance the performance but instead they have killed all blackberry batteries by activating a process inside the phone which empties the battery in less than an hour if not charged,” complained a frustrated BlackBerry customer in the country who wished to remain anonymous.

“All our company employees who installed this batch file has been affected. They claim they are working on it, and the time frame to send a fix is said to be 7 days,” our source added.

So far, the only solution Etisalat is offering involves some basic battery maintenance. This means powering off your device, fully charging the battery, and powering on the device. In general, you should be draining the battery fully and charging fully at least once per month. There’s no word yet if another upgrade will be issued to solve the battery drainage.

I called the operator’s hotline inquiring about the update, and they confirmed it’s an “official” update that’s meant to enhance network stability which users experienced last few weeks, causing email and BBM delays. But anyone with two functional braincells would imagine such an update/fix would be done at the network side, rather than with an obscure piece of code pushed to client handsets as a WAP Push, rather than a service book.

Out of curiosity, I downloaded, unpacked and decoded the file, and can’t help but feel something is fishy here.